There's Perception And Use Gap In Cyber Security

by CXOtoday News Desk    Apr 09, 2015


A huge gap exists between perception and use of cyber threat. And with majority of companies not prioritizing threat intelligence as cyber security defence, they will continue to be at a higher risk of cyber attacks, according to a new report by Ponemon Institute.

 The study reveals, while companies see the potential benefits and importance of having cyber threat intelligence, they are wary of the reliability of this intelligence, as well as its ability to be actionable. Further, respondents are also dissatisfied with perceived threat intelligence deficiencies, such as a surplus of alerts and false positives that make it difficult to respond to breaches.

According to the study, 40% of respondents surveyed said that they had a material security breach in the past 24 months, and 80% believe if they’d had threat intelligence at the time of the breach, they could have prevented or minimized the consequences of the attack.

The study notes that most of the current cyber defense practices are not considered effective; only 36% of respondents rate their company’s defense as strong. Almost half of respondents are increasing the amount of intelligence data they receive to prevent or mitigate the consequences of an attack. But 56% say intelligence becomes stale within seconds or minutes, and indicate that the more valuable features of a threat intelligence solution are the ability to implement intelligence and gauge the trustworthiness of the source in real time, said the study.

Another danger is that nearly half of the respondents use free sources of intelligence, stating free sources are inadequate for comprehensive threat analysis, making it more difficult to prioritize threats.

The good news however is that in the next two years, one-third of respondents will increase their threat intelligence budget significantly, said the report.

“While the report found that spending on threat intelligence is expected to increase in the next two years, these resources do not necessarily translate to greater security, and it is critical that the information be timely, accurate and actionable to be effective,” said Larry Ponemon, chairman and founder of Ponemon Institute.

“The results of the study indicate that, while some companies have figured out how to leverage threat intelligence into a viable enterprise security defense, many more have not. But, given the rapidly changing threat landscape, we expect threat intelligence to evolve to the point that it will become a key component of IT security.”

The study highlights the need for highly accurate and timely threat intelligence to help organizations assess the risk of incoming data, reduce the volume of security incidents, and accelerate response to successful attacks.”

It recommends that in order to achieve a stronger security posture, organizations should consider integrating real-time threat intelligence into their security infrastructure in order to more quickly assess the risk of unknown IPs, URLs, files and mobile apps before they enter the IT environment. Combining this with experienced staff and appropriate incident response processes will improve an organization’s ability to minimize or prevent serious security incidents.